Merge pull request #144 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.5.0

Bump @docker/actions-toolkit from 0.3.0 to 0.5.0

.github/workflows/ci.yml

@@ -265,3 +265,32 @@ jobs:
             *.platform=linux/amd64
             *.output=type=image,"name=localhost:5000/name/app:v1.0.0,localhost:5000/name/app:latest",push=true
             *.tags=
+
+  group:
+    runs-on: ubuntu-latest
+    services:
+      registry:
+        image: registry:2
+        ports:
+          - 5000:5000
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v3
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+        with:
+          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
+          driver-opts: |
+            image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
+            network=host
+      -
+        name: Build and push
+        uses: ./
+        with:
+          workdir: ./test/group
+          push: true
+          set: |
+            t1.tags=localhost:5000/name/app:t1
+            t2.tags=localhost:5000/name/app:t2

.github/workflows/test.yml

@@ -16,7 +16,7 @@ jobs:
         uses: actions/checkout@v3
       -
         name: Test
-        uses: docker/bake-action@v2
+        uses: docker/bake-action@v3
         with:
           targets: test
       -

.github/workflows/validate.yml

@@ -36,6 +36,6 @@ jobs:
         uses: actions/checkout@v3
       -
         name: Validate
-        uses: docker/bake-action@v2
+        uses: docker/bake-action@v3
         with:
           targets: ${{ matrix.target }}

README.md

@@ -54,7 +54,7 @@ jobs:
           password: ${{ secrets.DOCKERHUB_TOKEN }}
       -
         name: Build and push
-        uses: docker/bake-action@v2
+        uses: docker/bake-action@v3
         with:
           push: true
 ```
@@ -89,7 +89,7 @@ Following inputs can be used as `step.with` keys
 | `no-cache`   | Bool        | Do not use cache when building the image (default `false`)                                                                                  |
 | `pull`       | Bool        | Always attempt to pull a newer version of the image (default `false`)                                                                       |
 | `load`       | Bool        | Load is a shorthand for `--set=*.output=type=docker` (default `false`)                                                                      |
-| `provenance` | Bool/String | [Provenance](https://docs.docker.com/build/attestations/provenance/) is a shorthand for `--set=*.attest=type=provenance`                    |
+| `provenance` | Bool/String | [Provenance](https://docs.docker.com/build/attestations/slsa-provenance/) is a shorthand for `--set=*.attest=type=provenance`                    |
 | `push`       | Bool        | Push is a shorthand for `--set=*.output=type=registry` (default `false`)                                                                    |
 | `sbom`       | Bool/String | [SBOM](https://docs.docker.com/build/attestations/sbom/) is a shorthand for `--set=*.attest=type=sbom`                                      |
 | `set`        | List        | List of [targets values to override](https://docs.docker.com/engine/reference/commandline/buildx_bake/#set) (eg: `targetpattern.key=value`) |

__tests__/context.test.ts

@@ -56,7 +56,7 @@ jest.spyOn(Builder.prototype, 'inspect').mockImplementation(async (): Promise<Bu
   };
 });
 
-jest.spyOn(Bake.prototype, 'parseDefinitions').mockImplementation(async (files: Array<string>, targets: Array<string>): Promise<BakeDefinition> => {
+jest.spyOn(Bake.prototype, 'parseDefinitions').mockImplementation(async (): Promise<BakeDefinition> => {
   return JSON.parse(`{
     "group": {
       "default": {
@@ -285,6 +285,25 @@ describe('getArgs', () => {
         'image-all'
       ]
     ],
+    [
+      10,
+      '0.10.0',
+      new Map<string, string>([
+        ['load', 'false'],
+        ['no-cache', 'false'],
+        ['push', 'false'],
+        ['pull', 'false'],
+        ['set', `*.labels.foo=bar=#baz`],
+        ['targets', `"image-all"`],
+      ]),
+      [
+        'bake',
+        '--set', `*.labels.foo=bar=#baz`,
+        '--metadata-file', path.join(tmpDir, 'metadata-file'),
+        '--provenance', `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
+        'image-all'
+      ]
+    ],
   ])(
     '[%d] given %p with %p as inputs, returns %p',
     async (num: number, buildxVersion: string, inputs: Map<string, string>, expected: Array<string>) => {

package.json

@@ -29,7 +29,7 @@
   "license": "Apache-2.0",
   "dependencies": {
     "@actions/core": "^1.10.0",
-    "@docker/actions-toolkit": "^0.1.0"
+    "@docker/actions-toolkit": "^0.5.0"
   },
   "devDependencies": {
     "@types/node": "^16.18.21",

src/context.ts

@@ -61,7 +61,7 @@ async function getBakeArgs(inputs: Inputs, toolkit: Toolkit): Promise<Array<stri
     args.push('--metadata-file', BuildxInputs.getBuildMetadataFilePath());
   }
   if (await toolkit.buildx.versionSatisfies('>=0.10.0')) {
-    const bakedef = await toolkit.bake.parseDefinitions([...inputs.files, inputs.source], inputs.targets, inputs.workdir);
+    const bakedef = await toolkit.bake.parseDefinitions([...inputs.files, inputs.source], inputs.targets, inputs.set, inputs.load, inputs.push, inputs.workdir);
     if (inputs.provenance) {
       args.push('--provenance', inputs.provenance);
     } else if ((await toolkit.buildkit.versionSatisfies(inputs.builder, '>=0.11.0')) && !Bake.hasDockerExporter(bakedef, inputs.load)) {

src/main.ts

@@ -5,6 +5,7 @@ import {Inputs as BuildxInputs} from '@docker/actions-toolkit/lib/buildx/inputs'
 import {Context} from '@docker/actions-toolkit/lib/context';
 import {Docker} from '@docker/actions-toolkit/lib/docker/docker';
 import {Exec} from '@docker/actions-toolkit/lib/exec';
+import {GitHub} from '@docker/actions-toolkit/lib/github';
 import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
 
 import * as context from './context';
@@ -16,6 +17,14 @@ actionsToolkit.run(
     const inputs: context.Inputs = await context.getInputs();
     const toolkit = new Toolkit();
 
+    await core.group(`GitHub Actions runtime token ACs`, async () => {
+      try {
+        await GitHub.printActionsRuntimeTokenACs();
+      } catch (e) {
+        core.warning(e.message);
+      }
+    });
+
     await core.group(`Docker info`, async () => {
       try {
         await Docker.printVersion();

test/group/Dockerfile

@@ -0,0 +1,7 @@
+# syntax=docker/dockerfile:1
+
+FROM busybox AS t1
+RUN echo "Hello t1"
+
+FROM busybox AS t2
+RUN echo "Hello t2"

test/group/docker-bake.hcl

@@ -0,0 +1,11 @@
+group "default" {
+  targets = ["t1", "t2"]
+}
+
+target "t1" {
+  target = "t1"
+}
+
+target "t2" {
+  target = "t2"
+}

yarn.lock

@@ -598,10 +598,10 @@
   dependencies:
     "@jridgewell/trace-mapping" "0.3.9"
 
-"@docker/actions-toolkit@^0.1.0":
-  version "0.1.0"
-  resolved "https://registry.yarnpkg.com/@docker/actions-toolkit/-/actions-toolkit-0.1.0.tgz#592dbcaef5ebe8699ea95d9f62ca5d4ba73845b5"
-  integrity sha512-Q9YQGSD3A+WjteCo/CstVzCNRfK0toejQtV1sNOMvXmFqc3TbXNszdGXAl/5Qdb6oRCYJ/Sa7FFLD/JTmQTpQQ==
+"@docker/actions-toolkit@^0.5.0":
+  version "0.5.0"
+  resolved "https://registry.yarnpkg.com/@docker/actions-toolkit/-/actions-toolkit-0.5.0.tgz#4f2c215a1e67ce27edb10acf658b5289f8da7d7e"
+  integrity sha512-VgU9KDmCgSVqpLwNVkf4JUP8Bg38dymuDJhMU0A5DRXtII/K+85peEY/in6U7ThyO1wSSef19ImpiIKYLFBqvA==
   dependencies:
     "@actions/core" "^1.10.0"
     "@actions/exec" "^1.1.1"
@@ -609,11 +609,12 @@
     "@actions/http-client" "^2.0.1"
     "@actions/io" "^1.1.2"
     "@actions/tool-cache" "^2.0.1"
+    "@octokit/plugin-rest-endpoint-methods" "^7.2.1"
     async-retry "^1.3.3"
-    csv-parse "^5.3.6"
+    csv-parse "^5.4.0"
     handlebars "^4.7.7"
     jwt-decode "^3.1.2"
-    semver "^7.4.0"
+    semver "^7.5.1"
     tmp "^0.2.1"
 
 "@eslint-community/eslint-utils@^4.2.0":
@@ -1005,6 +1006,11 @@
   resolved "https://registry.yarnpkg.com/@octokit/openapi-types/-/openapi-types-12.11.0.tgz#da5638d64f2b919bca89ce6602d059f1b52d3ef0"
   integrity sha512-VsXyi8peyRq9PqIz/tpqiL2w3w80OgVMwBHltTml3LmVvXiphgeqmY9mvBw9Wu7e0QWk/fqD37ux8yP5uVekyQ==
 
+"@octokit/openapi-types@^18.0.0":
+  version "18.0.0"
+  resolved "https://registry.yarnpkg.com/@octokit/openapi-types/-/openapi-types-18.0.0.tgz#f43d765b3c7533fd6fb88f3f25df079c24fccf69"
+  integrity sha512-V8GImKs3TeQRxRtXFpG2wl19V7444NIOTDF24AWuIbmNaNYOQMWRbjcGDXV5B+0n887fgDcuMNOmlul+k+oJtw==
+
 "@octokit/plugin-paginate-rest@^2.17.0":
   version "2.21.3"
   resolved "https://registry.yarnpkg.com/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-2.21.3.tgz#7f12532797775640dbb8224da577da7dc210c87e"
@@ -1020,6 +1026,13 @@
     "@octokit/types" "^6.39.0"
     deprecation "^2.3.1"
 
+"@octokit/plugin-rest-endpoint-methods@^7.2.1":
+  version "7.2.1"
+  resolved "https://registry.yarnpkg.com/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-7.2.1.tgz#0e086930c8b4470b0eabaa7d68b67fd1b245bb3a"
+  integrity sha512-UmlNrrcF+AXxcxhZslTt1a/8aDxUKH0trrt/mJCxEPrWbW1ZEc+6xxcd5/n0iw3b+Xo8UBJQUKDr71+vNCBpRQ==
+  dependencies:
+    "@octokit/types" "^9.3.1"
+
 "@octokit/request-error@^2.0.5", "@octokit/request-error@^2.1.0":
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/@octokit/request-error/-/request-error-2.1.0.tgz#9e150357831bfc788d13a4fd4b1913d60c74d677"
@@ -1048,6 +1061,13 @@
   dependencies:
     "@octokit/openapi-types" "^12.11.0"
 
+"@octokit/types@^9.3.1":
+  version "9.3.1"
+  resolved "https://registry.yarnpkg.com/@octokit/types/-/types-9.3.1.tgz#9eb20390f8cfcc975635d813f9a2094efd4aa2dd"
+  integrity sha512-zfJzyXLHC42sWcn2kS+oZ/DRvFZBYCCbfInZtwp1Uopl1qh6pRg4NSP/wFX1xCOpXvEkctiG1sxlSlkZmzvxdw==
+  dependencies:
+    "@octokit/openapi-types" "^18.0.0"
+
 "@sinclair/typebox@^0.25.16":
   version "0.25.24"
   resolved "https://registry.yarnpkg.com/@sinclair/typebox/-/typebox-0.25.24.tgz#8c7688559979f7079aacaf31aa881c3aa410b718"
@@ -1631,10 +1651,10 @@ cross-spawn@^7.0.2, cross-spawn@^7.0.3:
     shebang-command "^2.0.0"
     which "^2.0.1"
 
-csv-parse@^5.3.6:
-  version "5.3.6"
-  resolved "https://registry.yarnpkg.com/csv-parse/-/csv-parse-5.3.6.tgz#181d7c12300a60684bb51261ea9a5c3135ba8688"
-  integrity sha512-WI330GjCuEioK/ii8HM2YE/eV+ynpeLvU+RXw4R8bRU8R0laK5zO3fDsc4gH8s472e3Ga38rbIjCAiQh+tEHkw==
+csv-parse@^5.4.0:
+  version "5.4.0"
+  resolved "https://registry.yarnpkg.com/csv-parse/-/csv-parse-5.4.0.tgz#6793210a4a49a9a74b3fde3f9d00f3f52044fd89"
+  integrity sha512-JiQosUWiOFgp4hQn0an+SBoV9IKdqzhROM0iiN4LB7UpfJBlsSJlWl9nq4zGgxgMAzHJ6V4t29VAVD+3+2NJAg==
 
 debug@^4.1.0:
   version "4.3.1"
@@ -3117,10 +3137,10 @@ safe-buffer@~5.1.1:
   resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d"
   integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==
 
-semver@7.x, semver@^7.3.5, semver@^7.3.7, semver@^7.4.0:
-  version "7.4.0"
-  resolved "https://registry.yarnpkg.com/semver/-/semver-7.4.0.tgz#8481c92feffc531ab1e012a8ffc15bdd3a0f4318"
-  integrity sha512-RgOxM8Mw+7Zus0+zcLEUn8+JfoLpj/huFTItQy2hsM4khuC1HYRDp0cU482Ewn/Fcy6bCjufD8vAj7voC66KQw==
+semver@7.x, semver@^7.3.5, semver@^7.3.7, semver@^7.5.1:
+  version "7.5.1"
+  resolved "https://registry.yarnpkg.com/semver/-/semver-7.5.1.tgz#c90c4d631cf74720e46b21c1d37ea07edfab91ec"
+  integrity sha512-Wvss5ivl8TMRZXXESstBA4uR5iXgEN/VC5/sOcuXdVLzcdkz4HWetIoRfG5gb5X+ij/G9rw9YoGn3QoQ8OCSpw==
   dependencies:
     lru-cache "^6.0.0"